Skip to content

Commit

Permalink
doc: update links to be valid
Browse files Browse the repository at this point in the history
  • Loading branch information
jan-ferdinand committed Apr 22, 2024
1 parent 44abcda commit 21ab79d
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 31 deletions.
2 changes: 1 addition & 1 deletion specification/src/evaluation-argument.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ It is possible to establish a subset relation by skipping over certain elements
The running evaluation must incorporate the same elements in both tables.
Otherwise, the Evaluation Argument will fail.

Examples for subset Evaluation Arguments can be found between the [Hash Table](hash-table.html#extension-columns) and the [Processor Table](processor-table.md#extension-colums).
Examples for subset Evaluation Arguments can be found between the [Hash Table](hash-table.md#extension-columns) and the [Processor Table](processor-table.md#extension-colums).

---

Expand Down
2 changes: 1 addition & 1 deletion specification/src/memory-consistency.md
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@ Their respective clock jump differences – differences of clock cycles within r
Under reasonable assumptions about the running time, this fact implies that all clock jumps are directed forwards, as opposed to backwards, which in turn implies that the rows are sorted for clock cycle.

The next sections elaborate on these constructions.
A [dedicated section](proof-of-memory-consistency.html) shows that these two properties do indeed suffice to prove memory consistency.
A [dedicated section](proof-of-memory-consistency.md) shows that these two properties do indeed suffice to prove memory consistency.
52 changes: 26 additions & 26 deletions tips/tip-0005/tip-0005.md
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# TIP 0005: Hash Function

| TIP | 0005 |
|:---------------|:-------------------------------------------------|
| TIP | 0005 |
|:---------------|:--------------------------------------------------------------------------------|
| authors: | Alan Szepieniec and Alexander Lemmens and Ferdinand Sauer and Bobbin Threadbare |
| title: | Tip5 Hash Function |
| status: | request for comments |
| created: | 2022-11-17 |
| issue tracker: | [161](https://github.com/TritonVM/triton-vm/pull/161) |
| pdf: | [pdf](tip5-paper.pdf) |
| title: | Tip5 Hash Function |
| status: | request for comments |
| created: | 2022-11-17 |
| issue tracker: | [161](https://github.com/TritonVM/triton-vm/pull/161) |
| pdf: | [pdf](tip5-paper.pdf) |

**Abstract.**
This note proposes a new arithmetization-oriented hash function. It uses the SHARK design strategy [1] in combination with lookup tables, and is defined over the field with $p=2^{64}-2^{32}+1$ elements. This note also discusses techniques for efficiently arithmetizing the hash function.
Expand All @@ -28,18 +28,18 @@ This note also includes an arithmetization of the hash function in the STARK con

## Specification

### Basic Parameters
### Basic Parameters

| Parameter | Symbol | Value |
|-----------|--------|-------|
| field modulus | $p$ | $2^{64} - 2^{32} + 1$ |
| number of rounds | $N$ | 5 |
| state size | $m$ | 16 |
| sponge rate | $r$ | 10 |
| sponge capacity | $c$ | 6 |
| digest length | $d$ | 5 |
| power map exponent | $\alpha$ | 7|
| number of split-and-lookups per round | $s$ | 4 |
| Parameter | Symbol | Value |
|:--------------------------------------|:---------|----------------------:|
| field modulus | $p$ | $2^{64} - 2^{32} + 1$ |
| number of rounds | $N$ | 5 |
| state size | $m$ | 16 |
| sponge rate | $r$ | 10 |
| sponge capacity | $c$ | 6 |
| digest length | $d$ | 5 |
| power map exponent | $\alpha$ | 7 |
| number of split-and-lookups per round | $s$ | 4 |

For the sake of genericity the rest of the note uses the symbol rather than the value.

Expand Down Expand Up @@ -331,11 +331,11 @@ With the above columns and AIR constraints, the remaining piece of the entire ca
The next table gives an overview of the base and extension column used in the various tables.

| Table | base | extension | sum | B-field equivalent sum |
|-----------|------|-----------|-----|-----|
| Hash | 49 | 16 | 65 | 97 |
| Cascade | 6 | 3 | 9 | 15 |
| Lookup | 4 | 2 | 6 | 10 |
| **Total** | 59 | 21 | 80 | 122 |
|:----------|-----:|----------:|----:|-----------------------:|
| Hash | 49 | 16 | 65 | 97 |
| Cascade | 6 | 3 | 9 | 15 |
| Lookup | 4 | 2 | 6 | 10 |
| **Total** | 59 | 21 | 80 | 122 |


### Comparison to Rescue-Prime Optimized
Expand All @@ -352,8 +352,8 @@ Note that for the parameters here, Rescue-Prime has 8 rounds and as a result the

These benchmarks were obtained on a Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz. On this machine Tip5 is 12.19× faster than Rescue-Prime Optimized. The implementation is available at [10].

| Hash Function | time |
|------------------------|-----------|
| Hash Function | time |
|:-----------------------|----------:|
| Rescue-Prime | 18.186 µs |
| Rescue-Prime Optimized | 14.357 µs |
| Poseidon | 6.940 µs |
Expand Down Expand Up @@ -441,4 +441,4 @@ sum of digests: [6483667016211232820, 1120398765245047030, 9375424207996641714,
[7]: https://eprint.iacr.org/2022/1530
[8]: https://eprint.iacr.org/2022/274
[9]: https://eprint.iacr.org/2016/504
[10]: https://github.com/Neptune-Crypto/twenty-first/blob/master/twenty-first/src/shared_math/tip5.rs
[10]: https://github.com/Neptune-Crypto/twenty-first/blob/master/twenty-first/src/math/tip5.rs
6 changes: 3 additions & 3 deletions tips/tip-0006/tip-0006.md
Original file line number Diff line number Diff line change
Expand Up @@ -94,9 +94,9 @@ The used $\texttt{rate}$ of 10 is accurate for Triton VM's current hash function
The following base constraints are added to the Program Table.
Note that for reasons of brevity, unchanged constraints are not repeated in this note.

[^1]: `absorb_count`
[^2]: `max_minus_absorb_count_inv`
[^3]: `hash_input_pad_ind`
[^1]: abbreviation of `absorb_count`
[^2]: abbreviation of `max_minus_absorb_count_inv`
[^3]: abbreviation of `hash_input_pad_ind`

### Initial Constraints

Expand Down

0 comments on commit 21ab79d

Please sign in to comment.